2015年3月17日 – Linux Cache

安装并测试

[root@localhost ~]# yum -y install freeradius freeradius-utils freeradius-mysql mysql-server

centos-6-freeradius-mysql-integration-01
[root@localhost ~]# rpm -lq freeradius-utils |grep radtest
/usr/bin/radtest
/usr/share/man/man1/radtest.1.gz
[root@localhost ~]#

centos-6-freeradius-mysql-integration-02
[root@localhost ~]# rpm -lq freeradius-mysql
/etc/raddb/sql/mysql
/etc/raddb/sql/mysql/admin.sql
/etc/raddb/sql/mysql/counter.conf
/etc/raddb/sql/mysql/cui.conf
/etc/raddb/sql/mysql/cui.sql
/etc/raddb/sql/mysql/dialup.conf
/etc/raddb/sql/mysql/ippool.conf
/etc/raddb/sql/mysql/ippool.sql
/etc/raddb/sql/mysql/nas.sql
/etc/raddb/sql/mysql/schema.sql
/etc/raddb/sql/mysql/wimax.conf
/etc/raddb/sql/mysql/wimax.sql
/etc/raddb/sql/ndb
/etc/raddb/sql/ndb/README
/etc/raddb/sql/ndb/admin.sql
/etc/raddb/sql/ndb/schema.sql
/usr/lib64/freeradius/rlm_sql_mysql-2.1.12.so
/usr/lib64/freeradius/rlm_sql_mysql.so
[root@localhost ~]#

编辑取消steve用户配置信息注释
[root@localhost ~]# cd /etc/raddb/
[root@localhost raddb]# vi users
启动debug模式
-X Turn on full debugging.
[root@localhost raddb]# radiusd -X

启动后最后6行屏幕输出
Listening on authentication address * port 1812
Listening on accounting address * port 1813
Listening on command file /var/run/radiusd/radiusd.sock
Listening on authentication address 127.0.0.1 port 18120 as server inner-tunnel
Listening on proxy address * port 1814
Ready to process requests.

新建终端会话窗口并执行登录操作
[root@localhost ~]# radtest steve testing localhost 1812 testing123
Sending Access-Request of id 173 to 127.0.0.1 port 1812
User-Name = “steve”
User-Password = “testing”
NAS-IP-Address = 127.0.0.1
NAS-Port = 1812
Message-Authenticator = 0x00000000000000000000000000000000
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=173, length=71
Service-Type = Framed-User
Framed-Protocol = PPP
Framed-IP-Address = 172.16.3.33
Framed-IP-Netmask = 255.255.255.0
Framed-Routing = Broadcast-Listen
Filter-Id = “std.ppp”
Framed-MTU = 1500
Framed-Compression = Van-Jacobson-TCP-IP
[root@localhost ~]#

centos-6-freeradius-mysql-integration-05 服务器debug输出最后一部分，Ctrl-C退出

配置成功恢复注释
配置数据库
[root@localhost raddb]# service mysqld start

[root@localhost raddb]# mysql -u root -p
mysql> create database radius;
Query OK, 1 row affected (0.00 sec)

mysql> exit
Bye

导入表结构
[root@localhost raddb]# mysql -u root -p radius < ./sql/mysql/schema.sql
Enter password:
[root@localhost raddb]# mysql -u root -p radius < ./sql/mysql/nas.sql
Enter password:
[root@localhost raddb]# mysql -u root -p radius < ./sql/mysql/ippool.sql
Enter password:
[root@localhost raddb]#

查看导入的表

centos-6-freeradius-mysql-integration-06

授权，
mysql> grant select on radius.* to radius@localhost identified by ‘radpass’;
Query OK, 0 rows affected (0.00 sec)

mysql> grant all on radius.radacct to radius@localhost;
Query OK, 0 rows affected (0.00 sec)

mysql> grant all on radius.radpostauth to radius@localhost;
Query OK, 0 rows affected (0.00 sec)

mysql> select * from radgroupreply;
Empty set (0.00 sec)

注意此处用户名密码为/etc/raddb/sql.conf中默认配置
# Connection info:
server = “localhost”
#port = 3306
login = “radius”
password = “radpass”

向表内插入数据

插入组信息
mysql> insert into radgroupreply(groupname,attribute,op,value) values (‘user’,’Auth-Type’,’:=’,’Local’);
Query OK, 1 row affected (0.00 sec)

查看插入的数据

centos-6-freeradius-mysql-integration-07
mysql> insert into radgroupreply (groupname,attribute,op,value) values (‘user’,’Service-Type’,’=’,’Framed-User’);
Query OK, 1 row affected (0.00 sec)

mysql> insert into radgroupreply (groupname,attribute,op,value) values (‘user’,’Framed-IP-Netmask’,’=’,’255.255.255.254′);
Query OK, 1 row affected (0.00 sec)

mysql> insert into radgroupreply (groupname,attribute,op,value) values (‘user’,’Framed-IP-Netmask’,’:=’,’255.255.255.0′);
Query OK, 1 row affected (0.00 sec)
查看整张表的数据

centos-6-freeradius-mysql-integration-08

插入用户信息

mysql> select * from radcheck;
Empty set (0.00 sec)

mysql> insert into radcheck (UserName,Attribute,Value) values (‘user1′,’Password’,’passwd1′);
Query OK, 1 row affected (0.00 sec)

mysql> insert into radcheck (UserName,Attribute,Value) values (‘user2′,’Password’,’passwd2′);
Query OK, 1 row affected (0.00 sec)
查看整张表的数据

将用户加入组
mysql> select * from radusergroup;
Empty set (0.00 sec)

mysql> insert into radusergroup (username,groupname) values (‘user1′,’user’);
Query OK, 1 row affected (0.00 sec)

mysql> insert into radusergroup (username,groupname) values (‘user2′,’user’);
Query OK, 1 row affected (0.00 sec)
查看整张表的数据
修改配置文件并连接数据库

取消注释
[root@localhost raddb]# vi radiusd.conf
$INCLUDE sql.conf
取消注释
[root@localhost raddb]# vi sql.conf
readclients = yes

增加注释，取消sql注释
[root@localhost raddb]# vi sites-enabled/default

3图

增加注释，取消注释2处
[root@localhost raddb]# vi sites-enabled/inner-tunnel

修改1处
[root@localhost raddb]# vi eap.conf

修改1处
[root@localhost raddb]# vi proxy.conf

启动debug模式确认启动状态
[root@localhost raddb]# radiusd -X

[root@localhost ~]# screen -ls There is a screen on: 16521.pts-0.localhost (Attached) 1 Socket in /var/run/screen/S-root. [root@localhost ~]# ps 16521 PID TTY STAT TIME COMMAND 16521 ? Ss 0:00 SCREEN [root@localhost ~]# kill -9 16521 [root@localhost ~]# screen -ls There is a screen on: 16521.pts-0.localhost (Dead ???) Remove dead screens with 'screen -wipe'. 1 Socket in /var/run/screen/S-root. [root@localhost ~]#

[root@localhost ~]# screen -wipe There is a screen on: 16521.pts-0.localhost (Removed) 1 socket wiped out. No Sockets found in /var/run/screen/S-root. [root@localhost ~]# screen -ls No Sockets found in /var/run/screen/S-root. [root@localhost ~]#

Linux Cache

FreeRADIUS与MySQL服务集成配置

Linux screen远程会话程序安装与使用

2015 年 3 月
一	二	三	四	五	六	日
						1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28	29
30	31